Graphicsmagick
Sign in to watchCVEs (73)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2005-1739 | 0.01 | — | 0.12 | May 24, 2005 | The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask. | ||
| CVE-2025-32460 | 0.00 | — | 0.00 | Apr 9, 2025 | GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. | ||
| CVE-2025-27795 | 0.00 | — | 0.00 | Mar 7, 2025 | ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits. | ||
| CVE-2025-27796 | 0.00 | — | 0.00 | Mar 7, 2025 | ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob. | ||
| CVE-2013-4589 | 0.00 | — | 0.03 | Nov 23, 2013 | The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image. | ||
| CVE-2012-3438 | 0.00 | — | 0.01 | Aug 7, 2012 | The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. | ||
| CVE-2008-6621 | 0.00 | — | 0.01 | Apr 6, 2009 | Unspecified vulnerability in GraphicsMagick before 1.2.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors in DPX images. NOTE: some of these details are obtained from third party information. | ||
| CVE-2008-6072 | 0.00 | — | 0.01 | Feb 10, 2009 | Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images. | ||
| CVE-2008-6071 | 0.00 | — | 0.06 | Feb 10, 2009 | Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information. | ||
| CVE-2008-6070 | 0.00 | — | 0.03 | Feb 10, 2009 | Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information. | ||
| CVE-2008-3134 | 0.00 | — | 0.02 | Jul 10, 2008 | Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file. | ||
| CVE-2006-5456 | 0.00 | — | 0.01 | Oct 23, 2006 | Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. | ||
| CVE-2005-0005 | 0.00 | — | 0.04 | May 2, 2005 | Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. |
Page 4 of 4